package com.bb.blog.security.controller;

import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.provider.*;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping("/oauth")
@RestController
@RequiredArgsConstructor
@Slf4j
public class OAuthController {
//    private final DefaultTokenServices tokenServices;
//    private final TokenService tokenService;

//    private final OAuth2RequestFactory oAuth2RequestFactory;
//    private final ClientDetailsService clientDetailsService;
//
//    private UserApprovalHandler userApprovalHandler = new DefaultUserApprovalHandler();
//    private OAuth2RequestValidator oauth2RequestValidator = new DefaultOAuth2RequestValidator();
//    private RedirectResolver redirectResolver = new DefaultRedirectResolver();


    /**
     * 改造成JSON的方式来登录
     */
//    @RequestMapping(value = "/authorize")
//    public Object authorize(@RequestParam Map<String, String> parameters, Principal principal) {

//        // 将所有的参数都放在一个对象中
//        AuthorizationRequest authorizationRequest = this.oAuth2RequestFactory.createAuthorizationRequest(parameters);
//
//        // 这个接口只能处理 grant_code 类型或者 implicit 类型的验证请求
//        Set<String> responseTypes = authorizationRequest.getResponseTypes();
//        if (!responseTypes.contains("token") && !responseTypes.contains("code")) {
//            throw new UnsupportedResponseTypeException("Unsupported response types: " + responseTypes);
//        }
//
//        if (authorizationRequest.getClientId() == null) {
//            throw new InvalidClientException("A client id must be provided");
//        }
//
//
//        // 用户必须登录以后才能获取code 或者隐式获取access_token
//        // 所以要求认证服务器是有自己的登录验证体系的
//        if (!(principal instanceof Authentication) || !((Authentication) principal).isAuthenticated()) {
//            throw new InsufficientAuthenticationException(
//                    "User must be authenticated with Spring Security before authorization can be completed.");
//        }
//        // 获取登录方 Client 信息
//        ClientDetails client = clientDetailsService.loadClientByClientId(authorizationRequest.getClientId());
//
//        // The resolved redirect URI is either the redirect_uri from the parameters or the one from
//        // clientDetails. Either way we need to store it on the AuthorizationRequest.
//        String redirectUriParameter = authorizationRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);
//        String resolvedRedirect = redirectResolver.resolveRedirect(redirectUriParameter, client);
//        if (!StringUtils.hasText(resolvedRedirect)) {
//            throw new RedirectMismatchException(
//                    "A redirectUri must be either supplied or preconfigured in the ClientDetails");
//        }
//        authorizationRequest.setRedirectUri(resolvedRedirect);
//        //检查申请的权限有没有越界
//        oauth2RequestValidator.validateScope(authorizationRequest, client);
//
//        //查看是否申请成功
//        if (authorizationRequest.isApproved()) {
//            if (responseTypes.contains("token")) {
//                return getImplicitGrantResponse(authorizationRequest);
//            }
//            if (responseTypes.contains("code")) {
//                // 执行跳转 302 跳转到redirect_uri的地址上
//                return new ModelAndView(getAuthorizationCodeResponse(authorizationRequest,
//                        (Authentication) principal));
//            }
//        }
//
//        HashMap<String, Object> approvalPage = new HashMap<>();
//        approvalPage.put("request", authorizationRequest);
//        approvalPage.put("principal", principal);
//        return approvalPage;
//        return null;
//    }

    
//    @GetMapping("/user")
//    public Object user(@RequestParam  Map<String,String> param, HttpServletRequest servletRequest){
//
//        log.info("获取用户身份-param: " + JSONObject.toJSONString(param));
//        OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) SecurityContextHolder.getContext().getAuthentication();
//        Authentication userAuth = oAuth2Authentication.getUserAuthentication();
//        BbUserDetail userDetails = (BbUserDetail)userAuth.getPrincipal();
//        User user =   userDetails.getUser();
//
//        HashMap<String,Object> hashMap = new HashMap<>();
//        hashMap.put("id", user.getId());
//        hashMap.put("username", user.getUsername());
//        hashMap.put("createTime", user.getCreateTime());
//        hashMap.put("authorities", userAuth.getAuthorities());
//
//        return hashMap;
//    }


    private String getAuthorizationCodeResponse(AuthorizationRequest authorizationRequest, Authentication principal) {
        return null;
    }




    private Object getImplicitGrantResponse(AuthorizationRequest authorizationRequest) {
        return null;
    }
}
